portupgrade, Railroad Security, Paranoid PHP System Calls, and XP for Open Source Developers

Greetings! Yesterday was Labor Day here in the U.S., so instead of
laboring to produce the next week of stories and book excerpts for ONLamp.com, your
editor spent the day laboring to finish installing Gentoo GNU/Linux on his
laptop. Consequently, today is Linux Newsletter Day. Let's start here:

Dru Lavigne's latest jaunt through the fine world of FreeBSD explores portupgrade.
You can go a long time without even knowing it's there, but once you've seen
what a searchable index of your ports can do, you'll never forget it's there.

John Coggeshall's latest PHP Foundations column, Securing
System Calls, is a reminder that user input is untrustworthy. Though PHP
has a fantastic amount of included functionality, sometimes the simplest
solution to a problem is to execute a standard program, such as a zipping
program or a legacy binary. Unless you're sufficiently paranoid, it's possible
for malicious user input to do things you don't expect—so it behooves
you to learn exactly how paranoid you should be.

One nice feature of open source development is that developers can make
lots of mistakes and still, eventually, succeed. Of course, it'd be nicer to
avoid some of those mistakes. Your editor's Five
Lessons Open Source Developers Should Learn from Extreme Programming
explores some of the common mistakes and explains ways to avoid them. Not
every practice has a direct match, but you can improve your software and lower
your sanity roll with a little discipline.

ONLamp.com and Linux Devcenter Top Five Articles Last Week

Five Lessons Open Source Developers Should Learn from Extreme Programming
It may be harder to see how Extreme Programming (XP) can apply to
open source projects, especially those without a formal customer.
But to build a successful open source project, you must solve many
of the same problems you'd face with an in-house project. Here
chromatic, author of Extreme Programming Pocket Guide, offers five
lessons open source developers can learn from XP.

portupgrade
One of FreeBSD's biggest benefits is its ports collection. Perhaps
the most important ports utility is portupgrade. Dru Lavigne
demonstrates how you can get the most out of your ports collection.

Five Habits for Successful Regular Expressions
For many programmers, writing regular expressions is a black art.
They stick to the features they know and hope for the best. Tony
Stubblebine, author of Regular Expression Pocket Reference, says
programmers can avoid a lot of trial and error by adopting these
five habits for regular expression development. The code examples
in this article use Perl, PHP, and Python, but the advice Tony
espouses is applicable to nearly any regex implementation.

Guido van Rossum Speaks
Guido van Rossum, creator of Python, recently announced a move from
PythonLabs to Elemental Security. Steve Holden caught up with Guido
to talk about the move, the future of Python, and computer
programming for everybody.